I am trying to create client certifications against a Microsoft CA using the built in website. (Microsoft Active Directory Certificate Services) From what I can tell, you have to login as the user to create the corresponding certificate.
Is there any way to get around that? I tried to create my own template, duplicating the user template, but it doesn't match and gets rejected when trying to authenticate. Is this something I'd have to look at building?
Best Answer
Just configure the group policy to "Auto-Enrol" the user/machine certificates
http://technet.microsoft.com/en-us/library/cc787781%28WS.10%29.aspx